The keynote for Sun Security Con 2026 (SunSecCon) was given by Farzan Karimi on how incident handling can go awry because of a lack of collaboration between the "good guys"—which stands in contrast to how attackers collaboratively operate. He provided some "war stories" where security incident handling had benefited from collaboration and others where it was hampered by its lack. SunSecCon was held in conjunction with SCALE 23x in Pasadena in early March.

The Tor Blog has an interesting article about the non-technical side of setting up a Tor Relay. It documents how a computer science student at National Taiwan Normal University worked with the university system to set up a relay and provides a template for future attempts:

In Taiwan, anonymous networks do not lack technical documentation or ideological support. The real scarcity is experience from actually working through the real institutional system once. Especially in an environment where academic networks are highly centralized and outbound connectivity is tightly controlled, distributed anonymous infrastructure like Tor Relays is inherently difficult to sustain.

This implementation at National Taiwan Normal University was not meant to provide a final answer for anonymous networks. It was a concrete attempt made within real-world institutions. It may not immediately improve the performance or security of anonymous networks, and it was not intended to become a directly reproducible standard process. What it did achieve was leaving behind a clearly visible path of practice—one that can be understood, referenced, and built upon.

Version 2.0 of the LibreQoS traffic-management and network operations platform has been released.

This release makes LibreQoS easier to operate, easier to understand, and much more useful for day-to-day network work. Now users can see more of what is happening across the network, troubleshoot subscriber issues with better tools, and work from a much stronger local WebUI.

This release includes many capabilities that reflect ideas and direction long championed by our late colleague, Dave Täht.

Dave's work helped shape the understanding of bufferbloat and the importance of latency under load across the networking community. His influence continues to guide both LibreQoS and the broader effort to improve Internet quality.

The project has also announced the release of the LibreQoS Bufferbloat Test v2, also dedicated to Täht. It runs in a user's browser to look at "latency under load, jitter, loss, and what those things mean for the kinds of traffic people actually care about: browsing, streaming, video calls, audio calls, backups, and gaming".

The kernel's direct map provides code running in kernel mode with direct access to all physical memory installed in the system — on 64-bit systems, at least. It obviously makes life easier for kernel developers, but the direct map also brings some problems of its own, most of which are security-related. Interest in removing at least some pages from the direct map has been simmering for years; a couple of patch sets under discussion show some use cases for memory that has been removed from the direct map, and how such memory might be efficiently managed.

Greg Kroah-Hartman has announced the release of the 6.19.10, 6.18.20, 6.12.78, 6.6.130, and 6.1.167 stable kernels. Each contains important fixes throughout the tree. Users are advised to upgrade.

Security updates have been issued by Debian (chromium), Fedora (chromium, containernetworking-plugins, musescore, and python-multipart), Mageia (perl-XML-Parser, roundcubemail, trilead-ssh2, vim, and webkit2), Oracle (389-ds:1.4, gimp:2.8, glibc, gnutls, kernel, libarchive, nginx:1.24, opencryptoki, python3, uek-kernel, vim, yggdrasil, and yggdrasil-worker-package-manager), Red Hat (delve, osbuild-composer, and skopeo), Slackware (mozilla), SUSE (dpkg, go1.26-openssl, gstreamer-plugins-ugly, kernel, libssh, ovmf, python-pyasn1, python-tornado6, python311, salt, sqlite3, and systemd), and Ubuntu (linux-aws-fips, linux-azure, linux-azure-fips, linux-fips, linux-gcp-fips, linux-iot, linux-kvm, pjproject, and redis).